Audit: split audit watch Kconfig (939a67fc) · Commits · e / devices / android_kernel_xiaomi_markw

init/Kconfig

+5 −1

Original line number	Original line	Diff line number	Diff line
	@@ -307,7 +307,6 @@ config TASK_IO_ACCOUNTING
	config AUDIT		config AUDIT
	bool "Auditing support"		bool "Auditing support"
	depends on NET		depends on NET
	select FSNOTIFY
	help		help
	Enable auditing infrastructure that can be used with another		Enable auditing infrastructure that can be used with another
	kernel subsystem, such as SELinux (which requires this for		kernel subsystem, such as SELinux (which requires this for
	@@ -323,6 +322,11 @@ config AUDITSYSCALL
	can be used independently or with another kernel subsystem,		can be used independently or with another kernel subsystem,
	such as SELinux.		such as SELinux.

			config AUDIT_WATCH
			def_bool y
			depends on AUDITSYSCALL
			select FSNOTIFY

	config AUDIT_TREE		config AUDIT_TREE
	def_bool y		def_bool y
	depends on AUDITSYSCALL		depends on AUDITSYSCALL

kernel/Makefile

+3 −2

Original line number	Original line	Diff line number	Diff line
	@@ -70,10 +70,11 @@ obj-$(CONFIG_IKCONFIG) += configs.o
	obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o		obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
	obj-$(CONFIG_SMP) += stop_machine.o		obj-$(CONFIG_SMP) += stop_machine.o
	obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o		obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
	obj-$(CONFIG_AUDIT) += audit.o auditfilter.o audit_watch.o		obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
	obj-$(CONFIG_AUDITSYSCALL) += auditsc.o		obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
	obj-$(CONFIG_GCOV_KERNEL) += gcov/		obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o
	obj-$(CONFIG_AUDIT_TREE) += audit_tree.o		obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
			obj-$(CONFIG_GCOV_KERNEL) += gcov/
	obj-$(CONFIG_KPROBES) += kprobes.o		obj-$(CONFIG_KPROBES) += kprobes.o
	obj-$(CONFIG_KGDB) += debug/		obj-$(CONFIG_KGDB) += debug/
	obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o		obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o

kernel/audit.h

+13 −1

Original line number	Original line	Diff line number	Diff line
	@@ -103,7 +103,10 @@ extern struct mutex audit_filter_mutex;
	extern void audit_free_rule_rcu(struct rcu_head *);		extern void audit_free_rule_rcu(struct rcu_head *);
	extern struct list_head audit_filter_list[];		extern struct list_head audit_filter_list[];

			extern struct audit_entry audit_dupe_rule(struct audit_krule old);

	/* audit watch functions */		/* audit watch functions */
			#ifdef CONFIG_AUDIT_WATCH
	extern void audit_put_watch(struct audit_watch *watch);		extern void audit_put_watch(struct audit_watch *watch);
	extern void audit_get_watch(struct audit_watch *watch);		extern void audit_get_watch(struct audit_watch *watch);
	extern int audit_to_watch(struct audit_krule krule, char path, int len, u32 op);		extern int audit_to_watch(struct audit_krule krule, char path, int len, u32 op);
	@@ -111,7 +114,16 @@ extern int audit_add_watch(struct audit_krule krule, struct list_head *list);
	extern void audit_remove_watch_rule(struct audit_krule *krule);		extern void audit_remove_watch_rule(struct audit_krule *krule);
	extern char audit_watch_path(struct audit_watch watch);		extern char audit_watch_path(struct audit_watch watch);
	extern int audit_watch_compare(struct audit_watch *watch, unsigned long ino, dev_t dev);		extern int audit_watch_compare(struct audit_watch *watch, unsigned long ino, dev_t dev);
	extern struct audit_entry audit_dupe_rule(struct audit_krule old);		#else
			#define audit_put_watch(w) {}
			#define audit_get_watch(w) {}
			#define audit_to_watch(k, p, l, o) (-EINVAL)
			#define audit_add_watch(k, l) (-EINVAL)
			#define audit_remove_watch_rule(k) BUG()
			#define audit_watch_path(w) ""
			#define audit_watch_compare(w, i, d) 0

			#endif /* CONFIG_AUDIT_WATCH */

	#ifdef CONFIG_AUDIT_TREE		#ifdef CONFIG_AUDIT_TREE
	extern struct audit_chunk audit_tree_lookup(const struct inode );		extern struct audit_chunk audit_tree_lookup(const struct inode );